Bleeping Computer

Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers

Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw. According to multiple sources, ...
Bleeping Computer

Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code

The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code. The code, hosted on GitHub, was created by Vitalii Rudnykh, a Russian ...
Threat Post

Muhstik Botnet Exploits Highly Critical Drupal Bug

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...
Threat Post

Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable

Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. Drupal released a patch for a “highly critical” flaw in versions 6, 7 and 8 of its CMS ...
ZDNet

It took hackers only three days to start exploiting latest Drupal bug

Three days --that's the time it took hackers to start launching attacks against Drupal sites using an exploit for a security flaw the CMS project patched last week. The attacks, detected by web ...